• Home
  • Laptops
  • Laptops News
  • Microsoft Reportedly Left Users Vulnerable for Years Due to Out of Date Driver List: All Details

Microsoft Reportedly Left Users Vulnerable for Years Due to Out-of-Date Driver List: All Details

Microsoft's blocklist for vulnerable drivers was reportedly out-of-date since 2019.

Microsoft Reportedly Left Users Vulnerable for Years Due to Out-of-Date Driver List: All Details

Photo Credit: Reuters

Microsoft reportedly added additional security layers of driver protection

Highlights
  • Microsoft reportedly said it has corrected the security flaw
  • The software giant adds malicious drivers for Windows to a blocklist
  • Microsoft's security flaw allowed hackers to use vulnerable drivers

Microsoft failed to safeguard Windows PC users from malicious drivers since 2019, according to a report. Computers use drivers to communicate with external devices such as hard disks, cameras, printers, and smartphones. Each driver is required to be digitally signed to ensure that it is safe for use. If, however, an existing digitally signed driver has a security flaw, it could be easily exploited by hackers. This has reportedly caused people to be exposed to a type of cyberattack called Bring Your Own Vulnerable Driver (BYOVD) that grants hackers direct access to the PCs running on Windows, by exploiting known flaws in driver software.

Microsoft uses hypervisor-protected code integrity (HVCI) as a security measure against such attacks. Citing senior vulnerability analyst Will Dormann, ArsTechnica reports that this security tool did not properly protect users against being infected through compromised drivers.

Last month, Dormann posted a Twitter thread on how he was able to download a malicious driver on a Microsoft HVCI-enabled device, which should have been blocked. He claims that the blocklist had not been updated since 2019, implying that users were not protected by Microsoft from these drivers for years.

Earlier this month, Microsoft project manager Jeffery Sutherland replied to Dormann's tweets and revealed additional protectional measures the company had recently undertaken to mitigate the issue. “We have updated the online docs and added a download with instructions to apply the binary version directly,” Sutherland tweeted.

Microsoft told ArsTechnica that it adds malicious drivers to a blocklist, that receives regular updates. “The vulnerable driver list is regularly updated, however we received feedback there has been a gap in synchronization across OS versions. We have corrected this and it will be serviced in upcoming and future Windows Updates. The documentation page will be updated as new updates are released,” the company said.

Meanwhile many cases of BYOVD attacks have made it to the headlines in recent times. Recently, cybercriminals exploited a vulnerability in the anti-cheat driver for the game Genshin Impact. Last year, North Korean hacking group Lazarus used a BYOVD attack on an aerospace employee in the Netherlands.


Apple unveiled eight new products at its September 'Far Out' event. Which ones will float — and which will sink? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Microsoft, Security Breach, Drivers
Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More
Razer Edge 5G Handheld Gaming Console With Qualcomm Snapdragon G3x Gen 1 SoC Launched: All Details
Share on Facebook Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2023. All rights reserved.